Page MenuHomeVyOS Platform
Create Task
Maniphest T4630

Prevent attempts to use the same interface as a source interface for pseudo-ethernet and MACsec at the same time
Closed, ResolvedPublicBUG
Actions

Description

To reproduce:

set interfaces macsec macsec10 address '192.168.2.1/30'
set interfaces macsec macsec10 security cipher 'gcm-aes-256'
set interfaces macsec macsec10 security encrypt
set interfaces macsec macsec10 security mka cak '232e44b7fda6f8e2d88a07bf78a7aff4232e44b7fda6f8e2d88a07bf78a7aff4'
set interfaces macsec macsec10 security mka ckn '09924585a6f3010208cf5222ef24c821405b0e34f4b4f63b1f0ced474b9bb6e6'
set interfaces macsec macsec10 source-interface 'eth1'
commit
set interfaces pseudo-ethernet peth0 source-interface eth1
commit
[ interfaces pseudo-ethernet peth0 ]

Traceback (most recent call last):
  File "/usr/libexec/vyos/conf_mode/interfaces-pseudo-ethernet.py", line 97, in <module>
    apply(c)
  File "/usr/libexec/vyos/conf_mode/interfaces-pseudo-ethernet.py", line 88, in apply
    p = MACVLANIf(**peth)
  File "/usr/lib/python3/dist-packages/vyos/ifconfig/interface.py", line 327, in __init__
    self._create()
  File "/usr/lib/python3/dist-packages/vyos/ifconfig/macvlan.py", line 35, in _create
    self._cmd(cmd.format(**self.config))
  File "/usr/lib/python3/dist-packages/vyos/ifconfig/control.py", line 52, in _cmd
    return cmd(command, self.debug)
  File "/usr/lib/python3/dist-packages/vyos/util.py", line 161, in cmd
    raise OSError(code, feedback)
FileNotFoundError: [Errno 2] failed to run command: ip link add peth0 link eth1 type macvlan mode private
returned:
exit code: 2

noteworthy:
cmd 'ip link add peth0 link eth1 type macvlan mode private'
returned (out):

returned (err):
RTNETLINK answers: Device or resource busy

[[interfaces pseudo-ethernet peth0]] failed
Commit failed

Details

Version
1.3.1, 1.4-rolling-202208151402
Is it a breaking change?
Stricter validation
Issue type
Bug (incorrect behavior)

Related Objects

Event Timeline

c-po created this task.Aug 19 2022, 6:43 PM
c-po claimed this task.
c-po triaged this task as Normal priority.
c-po moved this task from Open to In Progress on the VyOS 1.4 Sagitta board.Aug 22 2022, 4:42 PM
pasik subscribed.Aug 22 2022, 5:04 PM
c-po mentioned this in rVYOSONEXeb4a7ee3afc0: T4630: can not use same source-interface for macsec and pseudo-ethernet.Aug 24 2022, 7:45 PM
c-po moved this task from In Progress to Finished on the VyOS 1.4 Sagitta board.Aug 24 2022, 7:46 PM
c-po changed the task status from Open to Needs testing.Sep 3 2022, 4:29 PM
c-po added a comment.Sep 4 2022, 6:28 PM

PR for VyOS 1.3 https://github.com/vyos/vyos-1x/pull/1519

c-po moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.3) board.Sep 4 2022, 6:28 PM
Restricted Repository Identity mentioned this in rVYOSONEX435016fdb353: Merge pull request #1519 from c-po/t4630-equuleus-peth-macsec.Sep 15 2022, 2:22 PM
c-po mentioned this in rVYOSONEX87894a2fa329: T4630: can not use same source-interface for macsec and pseudo-ethernet.Sep 15 2022, 2:22 PM
c-po closed this task as Resolved.Sep 15 2022, 4:01 PM
dmbaturin mentioned this in 1.3.3.Sep 22 2022, 10:19 AM
dmbaturin renamed this task from Pseudo Ethernet can not use identical source-interface as MACsec to Prevent attempts to use the same interface as a source interface for pseudo-ethernet and MACsec at the same time.Oct 7 2022, 2:46 PM